Welcome to the third annual Security Report issued by Ixia, a Keysight business. Each year, the Ixia Application and Threat Intelligence (ATI) Research Center summarizes the most interesting and prominent internet security trends. We analyze ATI data to help organizations understand where they can improve. We also analyze the data to predict the biggest hotspots for the coming year. In all our work, we aspire to help cybersecurity professionals strengthen their security posture by sharing knowledge of active exploits, new and old.
2019 Security Report
- In 2018, we observed many successful attacks based on historic vulnerabilities. Legacy attacks dating back to as far as 2009 remained effective. Hackers successfully compromised systems when the systems were unpatched, or because no patch was available for a legacy system. Widespread availability of exploit software that targets well-known vulnerabilities also contributed to the phenomenon. Bad security hygiene, in the form of default login and password credentials, also contributed to the problem.
- Public cloud architectures created a second vector for new security attacks. Both home-grown and commercial software packages exhibited vulnerabilities. We categorize these into two basic groups: code vulnerabilities and configuration vulnerabilities. Misconfigured security and access policies were a major source of data breach in 2018.
- Beneath the threats observed lies an unavoidable truth: Network and application complexity pose serious security threats. Complexity continues to grow within enterprise and service provider IT environments. This growing complexity is creating new security vulnerabilities every day. Thwarting security attacks starts with a continuous commitment to security best practices. Tools augment your ability to mitigate threats, but only security best practices can prevent them.